diff --git a/packages/gateway/config/kong.yml b/packages/gateway/config/kong.yml index 4535a70..e610ff3 100644 --- a/packages/gateway/config/kong.yml +++ b/packages/gateway/config/kong.yml @@ -106,12 +106,7 @@ services: strip_path: false plugins: - - name: jwt - config: - key_claim_name: kid - claims_to_verify: - - exp - + # ===== Global plugins (apply to ALL routes) ===== - name: cors config: origins: @@ -143,10 +138,64 @@ plugins: path: /dev/stdout reopen: true + # ===== JWT per-service (NOT on auth-service) ===== - name: jwt - route: auth-routes - enabled: false + service: agent-service + config: + key_claim_name: kid + claims_to_verify: + - exp + - name: jwt + service: agent-config-service + config: + key_claim_name: kid + claims_to_verify: + - exp + + - name: jwt + service: ops-service + config: + key_claim_name: kid + claims_to_verify: + - exp + + - name: jwt + service: inventory-service + config: + key_claim_name: kid + claims_to_verify: + - exp + + - name: jwt + service: monitor-service + config: + key_claim_name: kid + claims_to_verify: + - exp + + - name: jwt + service: comm-service + config: + key_claim_name: kid + claims_to_verify: + - exp + + - name: jwt + service: voice-service + config: + key_claim_name: kid + claims_to_verify: + - exp + + - name: jwt + service: audit-service + config: + key_claim_name: kid + claims_to_verify: + - exp + + # ===== Route-specific overrides ===== - name: rate-limiting route: agent-ws config: diff --git a/packages/services/auth-service/src/infrastructure/repositories/api-key.repository.ts b/packages/services/auth-service/src/infrastructure/repositories/api-key.repository.ts index 68bf901..ee44954 100644 --- a/packages/services/auth-service/src/infrastructure/repositories/api-key.repository.ts +++ b/packages/services/auth-service/src/infrastructure/repositories/api-key.repository.ts @@ -1,21 +1,24 @@ import { Injectable } from '@nestjs/common'; -import { DataSource } from 'typeorm'; -import { TenantAwareRepository } from '@it0/database'; +import { InjectRepository } from '@nestjs/typeorm'; +import { Repository } from 'typeorm'; import { ApiKey } from '../../domain/entities/api-key.entity'; @Injectable() -export class ApiKeyRepository extends TenantAwareRepository { - constructor(dataSource: DataSource) { - super(dataSource, ApiKey); - } +export class ApiKeyRepository { + constructor( + @InjectRepository(ApiKey) + private readonly repo: Repository, + ) {} async findByKeyHash(keyHash: string): Promise { - const repo = await this.getRepository(); - return repo.findOneBy({ keyHash } as any); + return this.repo.findOneBy({ keyHash }); } async findByUserId(userId: string): Promise { - const repo = await this.getRepository(); - return repo.find({ where: { userId } as any }); + return this.repo.find({ where: { userId } }); + } + + async save(apiKey: ApiKey): Promise { + return this.repo.save(apiKey); } } diff --git a/packages/services/auth-service/src/infrastructure/repositories/user.repository.ts b/packages/services/auth-service/src/infrastructure/repositories/user.repository.ts index 71792be..d70d7bd 100644 --- a/packages/services/auth-service/src/infrastructure/repositories/user.repository.ts +++ b/packages/services/auth-service/src/infrastructure/repositories/user.repository.ts @@ -1,16 +1,24 @@ import { Injectable } from '@nestjs/common'; -import { DataSource } from 'typeorm'; -import { TenantAwareRepository } from '@it0/database'; +import { InjectRepository } from '@nestjs/typeorm'; +import { Repository } from 'typeorm'; import { User } from '../../domain/entities/user.entity'; @Injectable() -export class UserRepository extends TenantAwareRepository { - constructor(dataSource: DataSource) { - super(dataSource, User); - } +export class UserRepository { + constructor( + @InjectRepository(User) + private readonly repo: Repository, + ) {} async findByEmail(email: string): Promise { - const repo = await this.getRepository(); - return repo.findOneBy({ email } as any); + return this.repo.findOneBy({ email }); + } + + async findById(id: string): Promise { + return this.repo.findOneBy({ id }); + } + + async save(user: User): Promise { + return this.repo.save(user); } }